Some communication systems are used in applications where a high degree of integrity is desired (also referred to here as “high-integrity applications”). Often, nodes included in such a system include functionality to prevent, detect, and/or correct faults that occur at that node. Examples of such functionality (also referred to here as “covering functions”) include watch-dogs, bus guardians, and protection monitoring systems (for example, to provide over-speed or over-temperature protection). It is typically desirable, given the criticality of such functionality, to periodically test such functionality while such a node is deployed, (for example, in order to detect latent “stuck-at-good” faults). Such testing is also referred to here as “in-field testing” or “fault detection, isolation, and recovery (FDIR) scrubbing.” One type of in-field testing is performed by software executing on a node. Though such in-field testing software is adequate to test functionality that is local to a given node (for example, watch-dogs), such software is typically not sufficient to stimulate functionality that is not local to the node (for example, functionality that is externally influenced, such as bus guardians or communication protocols).
Also, where a node includes “offline” functionality or modes that can be activated while the node is deployed (for example, a test mode or a software or data download mode) and activation of such offline functionality or modes stops or otherwise impairs the normal operation of the node, it is typically desirable to avoid inadvertently activating such offline functionality or modes. This is especially true where such a node is used in a safety-critical application.